[wp-trac] [WordPress Trac] #32411: Password Strengh giving "strong" for a bad password

WordPress Trac noreply at wordpress.org
Fri May 15 12:49:38 UTC 2015

#32411: Password Strengh giving "strong" for a bad password
 Reporter:  juliobox     |      Owner:
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  Security     |    Version:  trunk
 Severity:  normal       |   Keywords:
  Focuses:               |
 Hello folks,

 I was testing some password patterns and i found one kind of password that
 triggers the "strong" result, but, i think, not really being secure.

 The password is :
   b.  .
 (space space b dot space space dot). Yes, i'm weird testing this ;)


 "b" can't be "a" but can be "x", Some spaces can be "-" etc
 Only 7 chars, only 4 differents, no caps, 2 times 2 same chars.

 If i relay (a little) on http://howsecureismypassword.net this password
 will be cracked by BF attacks in 0.05sec

 Maybe the pasword strengh algorythm has to be checked?

 Thanks you

Ticket URL: <https://core.trac.wordpress.org/ticket/32411>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list